A computing system, comprising includes a first central processing unit (cpu) and a second cpu coupled with the first cpu and with a host processor. The second cpu and the host processor may both request the first cpu to generate keys that have access rights to regions of memory to access specific data. The first cpu may be configured to, in response to a request from the second cpu, generate a unique key with a unique access right to a region of memory, the unique key usable only by the second cpu, not the host processor.
|
11. A method for data and key separation in a system on a chip (SOC), comprising:
receiving, by a first central processing unit (cpu), a request to generate a key from both a second central processing unit (cpu) and a host processor, the key including access rights to regions of memory to access specific data;
generating a first key, by the first cpu, for use by the host processor; and
generating a second key by the first cpu for use by the second cpu, where the second key is generated using a variant module and the second key includes a unique access right to a region of memory; and
denying, by the first cpu, the host processor from using the second key.
17. A computing system, comprising:
a first central processing unit (cpu); and
a second cpu coupled with the first cpu and with a host processor, where the second cpu and the host processor both request the first cpu to generate keys that have access rights to regions of memory to access specific data,
where the first cpu is configured to, in response to a request from the second cpu, generate a unique key using a variant module, the unique key comprising a root key usable to decrypt a system or software file for execution by the computing system, where the host processor cannot use the unique key, and
where the first cpu is further configured to, in response to a request from the host processor, generate a second key usable by the host processor.
1. A computing system, comprising:
a first central processing unit (cpu); and
a second cpu coupled with the first cpu and with a host processor, where the second cpu and the host processor both request the first cpu to generate keys that have access rights to regions of memory to access specific data, and
where the first cpu is configured to, in response to a request from the second cpu, generate a unique key with a unique access right to a region of memory, the unique key usable only by the second cpu, not the host processor,
where the first cpu further comprises a variant module configured to provide a variant for the generation of the unique key, and
where the first cpu further comprises a filter module configured to filter requests coming from the host processor and the second cpu and to deny the host processor access to the variant module of the first cpu.
2. The computing system of
3. The computing system of
4. The computing system of clam
5. The computing system of
6. The computing system of
7. The computing system of
8. The computing system of
9. The computing system of
10. The computing system of
12. The method of
receiving a subsequent request from the host processor to generate a key; and
determining, by a filter of the first cpu, whether the subsequent request from the host processor attempts generation of the second key.
13. The method of
receiving selection of an algorithm variant by the second cpu;
applying the algorithm variant to a key generator of the first cpu to generate the second key; and
providing access or decryption rights to only the second cpu corresponding to the second key.
14. The method of
restricting the algorithm variant to one of multiple algorithm variants made available by the first cpu.
15. The method of
detecting, by a filter module of the first cpu, access requests to the memory by the host processor and the second cpu; and
denying, by the filter module, access attempts by the host processor to the region in memory.
16. The method of
18. The computing system of
19. The computing system of
20. The computing system of
|
This application claims the benefit of priority to U.S. Provisional Application No. 61/684,479, filed Aug. 17, 2012, and U.S. Provisional Application No. 61/729,237, filed Nov. 21, 2012, which are incorporated herein by reference.
This disclosure relates to system security performed by a security central processing unit (SCPU), and more particularly, to security functions performed in a system by multiple SCPUs operating at different security levels.
Rapid advances in electronics and communications technologies, driven by consumer demand, have resulted in the widespread adoption of data-driven devices, including those for handling and converting third-party media content. Third-party customers or clients want their content handled with security such that the content is not copied or used outside of certain permission levels. Systems that stream content digitally for multiple media providers to consumers seek to include higher levels of security so that competitor providers cannot access each other's secrets. In a large system on a chip (SOC), a single security central processing unit (SCPU) may perform security functions.
The systems and methods may be better understood with reference to the following drawings and description. In the figures, like reference numerals designate corresponding parts throughout the different views.
The discussion below makes reference to system security performed by a security central processing unit (SCPU), and more particularly, to security functions performed in a system by multiple SCPUs operating at different security levels. For purposes of explanation, two SCPUs are described, but more SCPUs can be implemented. The SCPUs may be instantiated on a system on a chip (SOC) such as may be used in a set top box (STB) for streaming media to consumers. Such media may include audio or audio/video content viewable by consumers on media devices.
In a large system on a chip (SOC) with a single security central processing unit (SCPU) that performs security functions, the system trust level may be binary: either the operation is highly secure, or it is completely untrusted. For operations that require an intermediate level of security, there exist two choices: (1) perform these operations in the SCPU; or (2) perform them in the host.
The first option may not be ideal because the SCPU may be responsible for highly sensitive tasks, like managing one time password (OTP) authentication, routing customer secrets, and the like. Mixing these highly sensitive tasks with lower security functions may create risk and detract from the main mission of the SCPU. The second option may not be ideal because performing intermediate security tasks in the host may leave the SOC unsecured, as the host CPU may not be trusted.
Executing security functions by a host on the chip may open up security too wide to provide sufficient security to chip operation. And, mixing highly secure and less secure functions as executed by a single SCPU may open system security up to some level of risk and detract from the main mission of a SCPU to secure the most sensitive functions of chip operation.
Furthermore, because the SCPU manages proprietary information to the SOC vendor, allowing the SCPU to be programmed by an end user customer may be problematic. Yet some of the intermediate level security tasks are better performed by end user code, and thus the SOC vendor may want to allow the customer to program aspects of SCPU functionality. To allow the user to program functions by the only SCPU on the chip may open up the security operation of the chip to additional risk and attack.
In an SOC, having a single SCPU may no longer be sufficient. Using a multi-security CPU approach, such as with a first SCPU dedicated for highly secure functions and a second SCPU used for lower security tasks, like digital rights management (DRM), managing transcoding, watermarking, etc. For purposes of explanation, the first SCPU is labeled security CPU-A herein, and the second security level SCPU is labeled security CPU-B.
Functions of security CPU-A at the first security level may include, for example, managing root keys, performing an initial secure boot, and routing secrets of a third-party content provider. Functions of security CPU-B at the second security level include, for example, digital rights management, license management, transcoder management, watermarking, and manipulation of data in secure memory. The security CPU-A may be configured with software code that treats commands from the security CPU-B as privileged, and that generates multiple unique commands for execution by the security CPU-B that are not executable by the host processor 110.
As configured to perform the majority of the processor-intensive security functions, the security CPU-B may be nearly as powerful as the host processor 110 in some implementations, and may, for instance, at the time of filing, perform up to 1,000 or 1,500 or more Dhrystone million instructions per second (DMIPS). As such, the security CPU-B may be focused on lower security functions. Security CPU-A may need a fraction of the power and operate at less than 1,000 DMIPS.
The system 100 may further include on-chip sensors 113, memory such as dynamic random access memory (DRAM) 115, a local checker 118 coupled with the security CPU-A and multiple peripherals 120 of the security CPU-B. “Coupled with” herein can mean to be directly connected to a component or indirectly connected through one or more components. The DRAM 115 may include a portion of which is protected code 116 stored in secure memory 117. The secure memory 117 may be partitioned into specific or identified regions of the DRAM.
The security CPU-A may include a host interface 122 to communicate with the host processor 110 and an SCPU-B interface 124 with which to communicate with the security CPU-B. The security CPU-B may include a CPU-B 130, a local static random access memory (SRAM) 132, an instruction cache (i-cache) 134, a data cache (d-cache) 136, an instruction checker 138 and an interrupt controller 140. The local SRAM 132 may be private local memory for access by the security CPU-B in which instructions may be saved and data temporarily stored that is not accessible to the host processor 110 or to other on-chip entities or clients.
The security CPU-B and the security CPU-A may be coupled together with a dedicated, secure communications bus 142 that operates as a private channel between the CPU-B 130 and the security CPU-A. The secure communications bus 142 may be inaccessible by the host processor and inaccessible by third-party clients that exist on the SOC 100. The secure communications bus 142 may be configured with a combination of hardware and firmware and perform a master slave relationship in which, in some operations, the security CPU-A is either the master of or slave to the security CPU-B. For instance, the security CPU-A may be the master of booting CPU-B securely in memory. But, the security CPU-A may also receive commands from security CPU-B or the local checker 118, for instance.
A third party that exists on the SOC 100 may have its own CPU, its own block of logic, or exist on the chip as a combination of hardware and software having access to capabilities of the SOC 100. The third party CPU may include a secure interface managed by the CPU-A.
The system 100 may further include a common register bus 144 to which third-party clients that exist on the SOC 100 have access. The common register bus 144 may be used to write into registers of the memory 115. The security CPU-A may be configured to prevent certain on-chip clients from stopping security CPU-B from operating as intended, as disclosed herein.
The local checker 118, which may be coupled with the security CPU-A and security CPU-B, may be a piece of hardware configured to prevent some clients or hardware existing on the SOC 100 from accessing certain regions of the DRAM. Likewise, the local checker 118 may prevent blocking access by the security CPU-B to the common register bus 144 and/or to reading from and writing to the DRAM of the SOC 100.
The security CPU-A may also program the local checker 118 to ensure internal peripherals 120 of the security CPU-B are inaccessible by third-party entities having access to the host processor 110. The peripherals may include, but not be limited to, a Universal Asynchronous Receiver/Transmitter (UART), a timer, an interrupt, memory, data storage, a media device, or a combination thereof.
The instructions checker 138 may monitor instructions to be executed out of the DRAM and determine whether instructions called for execution from the secure memory by a component are cleared for execution by that component. To clear instructions for execution, the instruction checker 138 may ensure that the security CPU-B does not operate outside of a region of the secure memory 117 that has been authenticated for secure operation or conditional access by the host processor 110. For example, the instruction checker may monitor reads and writes to the DRAM 115 and compare the DRAM addresses of those memory accesses with an address range set up by the security CPU-A as a pre-authenticated region for execution of the instructions. If the security CPU-B attempts to execute instructions outside of the region of memory, the security CPU-B may be rebooted or the entire SOC be reset.
In one example, the content saved to the secure memory 117 may include media content that a client does not want distributed in an unauthorized manner. The security CPU-B may decrypt the content for viewing on a consumer device, but not allow other peripherals to access or distribute the content outside of the system 100. The security CPU-B may ensure a consumer can view the content but not be directly accessed by the host. The security CPU-A and CPU-B may set up hardware that limits certain chip components in their access to the secure memory 117. For example, the security CPU-A and security CPU-B may make a region of memory off limits to the host processor. Furthermore, the security CPU-B may perform watermarking or manipulate time stamps with regards to content that a consumer may view.
More particularly, the secure memory 117 may be accessible exclusively to the security CPU-A and CPU-B and to local decompression and rendering engines. Thus, the security CPU-B may decrypt content into this memory region and then local display processes may read the decrypted content for local rendering. None of these steps requires the host processor 110 to have access to the secure memory. The security CPU-B may ensure a secure data flow by decrypting the content into this restricted region, out of reach of the host processor.
The interrupt controller 140 may be coupled with the security CPU-A and be configured to monitor the on-chip conditions from data generated by the sensors 113. The on-chip sensors 113 may generate data related to attributes of the chip such as, for example, temperature, voltage levels at specific points on the chip, clock speed and the like. If one of these attributes varies too much or in the wrong way, it may be indicative of a potential intrusion or hacker trying to disrupt normal operation of the SOC that would allow access to secure data and/or secure operation. The interrupt controller 140 may aggregate and mask interrupts from other functional blocks of the SOC 100 that may include interrogation of the sensors to detect predetermined threshold values of those sensors for use in determining whether or not the interrupt controller 140 masks an interrupt.
Furthermore, the interrupt controller 140 may generate an interrupt or a hookup in response to detecting conditions indicative of an intrusion. The interrupt or hookup may adjust operation of the host processor 110 or the security CPU-B in real time to ensure secure system operation. The host processor may also have a separate memory buffer than the memory buffer the security CPU-B uses, where the memory buffer for the security CPU-B may be configured as not accessible by the host processor 110 and configured to provide control logic to the second security CPU-B.
The system 100 may communicate over a network 15 such as the Internet or any wide or local area network to communicate with a Web server 20 and media clients 30. The clients 30 may be the customers that procure the SOC 100 for use by consumers to stream media content to consumer media devices 10. The security CPU-B may obtain the time and day over the Internet from the Web server 20 using a secure protocol. The time and day may then be considered secure time and be stored by the security CPU-B in either the local SRAM 132 or the secure memory 117 in DRAM 115. So stored, the security CPU-B may prevent access by the host processor or other on-chip programmed components to the secure time, which may be used by digital rights management and other forms of lower level security functions during execution of the secure functions.
The second SCPU may determine whether an instruction called for execution from secure memory is cleared for execution by a component of the SOC calling the instruction (222). If the component is not cleared to execute the instruction, neither the first nor the second SCPU are permitted to execute the instruction (226). If the component is cleared to execute the instruction, the second SCPU may determine whether the instruction executes a first or the second security level function (230). If the component requests to execute a first security function, the first SCPU executes the instruction (234). If the component requests to execute a second security function, the second SCPU executes the instruction (238). The first SCPU may also be the requestor component of either the first or second security functions and the second SCPU may be the requestor component of either first or second security functions, depending on the function.
More particularly, an encrypted first stage code 317 and an encrypted second stage code 319 are saved in flash memory 315. The host processor 110 may attempt to boot security CPU-A, and thus access the first and second stage encrypted codes. In response, the host processor 110 may be allowed to write the first and second stage codes 317 and 319 into the DRAM 115 from flash memory 315, but the first and second stage codes remain encrypted. The host processor 110 may then configure a first stage boot loader (FSBL) 320 that includes a DRAM interface 324. The DRAM interface reads the first stage code 317 from memory and the FSBL 320 decrypts the first stage code 317 and writes the decrypted code 327 into the private local SRAM 132 of the security CPU-B.
The security CPU-A may authenticate the decrypted code 328, either in place in the local SRAM 132 or on the fly as the decrypted code 327 is being written into the local SRAM 132. The security CPU-A may be further configured to authorize the security CPU-B to execute the decrypted code with the CPU-B 130 once authenticated. The decrypted first stage code 327 may be executed to make decisions with regards to how to load, decrypt and execute the second stage code.
With further reference to
The security CPU-B may work with the high-security CPU-A to create a memory checker 428, a special piece of hardware. The memory checker 428 may be configured to ensure decryption of the second-stage encrypted code 319 occurs only from the first region 321 to the second region 421 of memory in the DRAM 115. If the host processor attempts to write the decrypted second stage code 419 into memory outside of the second region 421, the memory checker 428 may alert the security CPU-B so that the code is not written outside of the second region or may force the decrypted second stage code to be written to the second region.
The security CPU-B may then decrypt the second stage code 319 using the key generated by the security CPU-A and write the decrypted second stage code 419 into the DRAM 115 at the second region 421. While the host processor 110 may access the first region it cannot access the second region. The security CPU-B can, however, access the second region to execute the decrypted second stage code. Accordingly, the second stage of the boot process ensures that when the decrypted second stage code 419 is saved to memory, the decrypted second stage code is executable upon request by the host processor, but without allowing the host processor to access the decrypted second stage code. As third-party clients of the SOC 100 have access to the host processor, the two-stage boot process ensures that third-party entities are not able to snoop on the decrypted second stage code 419 through pin snooping or the like.
When the host processor 110 attempts to execute an instruction from the decrypted second stage code outside of the second region 421 of the DRAM 115, the instruction checker 138 may block the execution of the instruction, or reset the SOC 100, causing a reboot of the security CPU-B. In the alternative, or in addition, the instructions checker 138 may alert the security CPU-B of the attempt so that the security CPU-B may perform the block or force execution of the instruction to the second region 421 of DRAM.
The first stage boot loader (FSBL) reads the first stage code from DRAM (608). The FSBL decrypts the first stage code (612). The FSBL writes the decrypted first stage code to private local SRAM of the security CPU-B (616). The security CPU-A then authenticates the decrypted code, whether on the fly as it is decrypted or after being stored in local SRAM (620). When the decrypted code is not authenticated, the security CPU-A does not authorize the security CPU-B from executing the decrypted first stage code (624). When the decrypted code is authenticated, the security CPU-A authorizes the security CPU-B to execute the decrypted first stage code (628). The security CPU-B then executes the decrypted first stage code, when authorized to do so (630).
With reference to
When the host attempts decryption of the second stage code, the memory checker determines whether decryption is from Region 1 (716). When decryption is not from Region 1, the memory checker and the security CPU-B do not allow the decryption to take place (720). When decryption is from Region 1, the security CPU-B decrypts the encrypted second stage code with the key (724).
The memory checker then determines whether a request is received to write the decrypted code to Region 2 (728). When the memory checker determines the host processor attempts to write the decrypted second stage code to other than Region 2, the memory checker or the security CPU-B prevents the decrypted second stage code from be written outside of Region 2 of DRAM (732). When the memory checker determines the host processor requests to write the decrypted second stage code to Region 2, the security CPU-B writes the decrypted second stage code to Region 2 of the DRAM (734).
The security CPU-B may then execute the decrypted second stage code on behalf of the host processor (738). An instruction checker may determine whether the executed instructions are being executed within Region 2 of DRAM, one instruction at a time (742). When an instruction is to be executed outside of Region 2, the instruction checker may alert the security CPU-B so that the security CPU-B does not execute the instruction as requested or may force the instruction to be executed within Region 2 (746). When an instruction is to be executed inside of Region 2, the instruction checker may inform the security CPU-B to continue with executing instructions (750).
These sensitive files may include those related to digital rights management (DRM) of propriety media such as audio or audio/video files or to other sensitive files. For example, in a DRM system, files may be protected from unsecure software by using special keys that are not known to the software. However, although the keys are not known, the commands used to decrypt the files are available to the host. This allows unsecure software to later send the command to decrypt the data in memory. Furthermore, it may be desirable to transmit commands from the security CPU-B to the security CPU-A to create a completely different key structure than the same commands issued from the host processor 110, to secure security CPU-A. Issuing separate commands may be done, as will be explained, in a way that the host cannot emulate the same keys.
Because the security CPU-B operates at a higher security level than the host processor,
In one example, the security CPU-A includes a variant module 800, a key generator 805 and a filter 115. The key generator 805 generates keys 820 such as the key 820 displayed in
In some cases, the security CPU-B needs a unique key generated with exclusive access that the host processor is not provided. As previously discussed, the security CPU-B may communicate with the security CPU-A through the secure, dedicate communications bus 142. This bus 142 may be physically and/or logically separate from a bus 840 through which the host processor communicates with the security CPU-A. The security CPU-B may issue a special command or request of the security CPU-A over the dedicated bus 142 to the variant module 800 for generation of a unique key. The variant module 800 may make multiple possible changes or variants available for selection by the security CPU-B. Upon selection of a change or variant, the key generator 805 may then apply the selected variant(s) to an algorithm used to generate the key. The key generator may apply the variant as done in a key ladder or hash algorithm so that if any step in the decryption is not carried out, then access is denied.
The filter 810 may authenticate access to the variant module 800 by the security CPU-B and deny access to the variant module 800 by the host processor 110. The filter 810 may also distinguish between commands or requests issued by the host processor 110 and the security CPU-B, e.g., that the commands/requests are respectively correctly indicated as coming from the host processor 100 and the security CPU-B for purposes of key generation and access to the secured regions of memory. With authenticated access using a request with which the security CPU-A generates a unique key, the security CPU-B may obtain exclusive access to sensitive files, including DRM-protected media content. In some cases, access may also be provided to a different region of memory for writing the content elsewhere in the DRAM 115. Where the key generated is a root key, the security CPU-B may gain exclusive decryption rights of system or software files for execution by the system 100 from protected regions in DRAM 115, regions inaccessible by the host processor 110.
The security CPU-A receives a request from the host or the security CPU-B to generate a key. The filter of the security CPU-A may determine whether the request is from the host or the security CPU-B (910). If the request is from the host, the security CPU-A may generate a key as requested for use by the host processor (914). The security CPU-A provides access or decryption rights to the host processor corresponding to the key (918).
If the request is from the security CPU-B, the security CPU-A may also receive selection of an algorithm variant through the variant module (922). The key generator of the security CPU-A may generate a unique key with use of the algorithm variant (930). The security CPU-A may provide access or decryption rights to the security CPU-B corresponding to the unique key exclusive of the host processor (934).
The methods, devices, and logic described above may be implemented in many different ways in many different combinations of hardware, software or both hardware and software. For example, all or parts of the system may include circuitry in a controller, a microprocessor, or an application specific integrated circuit (ASIC), or may be implemented with discrete logic or components, or a combination of other types of analog or digital circuitry, combined on a single integrated circuit or distributed among multiple integrated circuits.
While various embodiments of the invention have been described, it will be apparent to those of ordinary skill in the art that many more embodiments and implementations are possible within the scope of the invention. Accordingly, the invention is not to be restricted except in light of the attached claims and their equivalents.
Shekhar, Shashank, Dellow, Andrew, Rodgers, Stephane
Patent | Priority | Assignee | Title |
10909248, | Jun 29 2017 | Microsoft Technology Licensing, LLC | Executing encrypted boot loaders |
Patent | Priority | Assignee | Title |
5842207, | Jul 10 1991 | Hitachi, Ltd. | Method for storing records of a distributed database by plural processors to provide a host processor with sorted records belonging to one of a plurality of key sections |
6012142, | Nov 14 1997 | CRYSTAL SEMICONDUCTOR CORP | Methods for booting a multiprocessor system |
6212635, | Jul 18 1997 | VORTEX PATHWAY LLC | Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place |
6289455, | Sep 02 1999 | Crypotography Research, Inc.; Cryptography Research, Inc | Method and apparatus for preventing piracy of digital content |
6599194, | Sep 08 1998 | NINTENDO CO , LTD | Home video game system with hard disk drive and internet access capability |
7024564, | Dec 04 1996 | SAFENET, INC | Software protection device and method |
7467304, | Jun 22 2005 | ARM Limited | System, device, and method of selectively allowing a host processor to access host-executable code |
7536558, | Aug 29 2003 | TGBW Inc | Flash memory distribution of digital content |
8090108, | Apr 15 2008 | Adaptive Chips, Inc. | Secure debug interface and memory of a media security circuit and method |
8146167, | Jul 29 2005 | SONY NETWORK ENTERTAINMENT PLATFORM INC ; Sony Computer Entertainment Inc | Use management method for peripheral device, electronic system and component device thereof |
8209751, | Nov 18 2004 | BIOGY, INC | Receiving an access key |
8319780, | Jul 30 2008 | Nvidia Corporation | System, method, and computer program product for synchronizing operation of a first graphics processor and a second graphics processor in order to secure communication therebetween |
8498417, | Dec 27 2007 | EMC IP HOLDING COMPANY LLC | Automation of coordination of encryption keys in a SAN based environment where an encryption engine, device management, and key management are not co-located |
8799681, | Dec 27 2007 | EMC IP HOLDING COMPANY LLC | Redundant array of encrypting disks |
20030233553, | |||
20040034823, | |||
20050138409, | |||
20050204155, | |||
20050246529, | |||
20060129848, | |||
20060179487, | |||
20060289659, | |||
20070189526, | |||
20070209072, | |||
20070294745, | |||
20080219494, | |||
20080282093, | |||
20080298593, | |||
20090007275, | |||
20090083547, | |||
20090110190, | |||
20090202068, | |||
20090249080, | |||
20100005264, | |||
20110202776, | |||
20110258426, | |||
20120060040, | |||
20120079287, | |||
20120173877, | |||
20120198224, | |||
20130212671, | |||
20130282951, | |||
20130291053, | |||
EP1868127, |
Executed on | Assignor | Assignee | Conveyance | Frame | Reel | Doc |
Nov 27 2012 | SHEKHAR, SHASHANK | Broadcom Corporation | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 029430 | /0223 | |
Dec 04 2012 | DELLOW, ANDREW | Broadcom Corporation | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 029430 | /0223 | |
Dec 05 2012 | RODGERS, STEPHANE | Broadcom Corporation | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 029430 | /0223 | |
Dec 06 2012 | Broadcom Corporation | (assignment on the face of the patent) | / | |||
Feb 01 2016 | Broadcom Corporation | BANK OF AMERICA, N A , AS COLLATERAL AGENT | PATENT SECURITY AGREEMENT | 037806 | /0001 | |
Jan 19 2017 | BANK OF AMERICA, N A , AS COLLATERAL AGENT | Broadcom Corporation | TERMINATION AND RELEASE OF SECURITY INTEREST IN PATENTS | 041712 | /0001 | |
Jan 20 2017 | Broadcom Corporation | AVAGO TECHNOLOGIES GENERAL IP SINGAPORE PTE LTD | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 041706 | /0001 | |
May 09 2018 | AVAGO TECHNOLOGIES GENERAL IP SINGAPORE PTE LTD | AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE LIMITED | MERGER SEE DOCUMENT FOR DETAILS | 047229 | /0408 | |
Sep 05 2018 | AVAGO TECHNOLOGIES GENERAL IP SINGAPORE PTE LTD | AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE LIMITED | CORRECTIVE ASSIGNMENT TO CORRECT THE PATENT NUMBER 9,385,856 TO 9,385,756 PREVIOUSLY RECORDED AT REEL: 47349 FRAME: 001 ASSIGNOR S HEREBY CONFIRMS THE MERGER | 051144 | /0648 | |
Sep 05 2018 | AVAGO TECHNOLOGIES GENERAL IP SINGAPORE PTE LTD | AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE LIMITED | CORRECTIVE ASSIGNMENT TO CORRECT THE EFFECTIVE DATE PREVIOUSLY RECORDED ON REEL 047229 FRAME 0408 ASSIGNOR S HEREBY CONFIRMS THE THE EFFECTIVE DATE IS 09 05 2018 | 047349 | /0001 |
Date | Maintenance Fee Events |
Apr 29 2019 | M1551: Payment of Maintenance Fee, 4th Year, Large Entity. |
Apr 20 2023 | M1552: Payment of Maintenance Fee, 8th Year, Large Entity. |
Date | Maintenance Schedule |
Oct 27 2018 | 4 years fee payment window open |
Apr 27 2019 | 6 months grace period start (w surcharge) |
Oct 27 2019 | patent expiry (for year 4) |
Oct 27 2021 | 2 years to revive unintentionally abandoned end. (for year 4) |
Oct 27 2022 | 8 years fee payment window open |
Apr 27 2023 | 6 months grace period start (w surcharge) |
Oct 27 2023 | patent expiry (for year 8) |
Oct 27 2025 | 2 years to revive unintentionally abandoned end. (for year 8) |
Oct 27 2026 | 12 years fee payment window open |
Apr 27 2027 | 6 months grace period start (w surcharge) |
Oct 27 2027 | patent expiry (for year 12) |
Oct 27 2029 | 2 years to revive unintentionally abandoned end. (for year 12) |